failed to join domain: Computer 'castelblack' failed to join domain 'north.sevenkingdoms.local' using GOAD v3

[wwwiesel]

hi, i am creating a new issue for this due its GoAD v3... in the previous isse ist was mentioned that it is fixed in v3.

See: #266

TASK [member_server : Add member server] ***********************************************************************************************************************************************
fatal: [srv02]: FAILED! => {"changed": true, "msg": "failed to join domain: Computer 'castelblack' failed to join domain 'north.sevenkingdoms.local' from its current workgroup 'WORKGROUP' with following error message: The specified domain either does not exist or could not be contacted.", "reboot_required": false}

PLAY RECAP *****************************************************************************************************************************************************************************
dc01 : ok=6 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
dc02 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
srv02 : ok=5 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

[-] 3 fails abort.
[-] Something wrong during the provisioning task : ad-members.yml

[Mayfly277]

what the .. can you tell me what os/provider/provisioning_method do you use ?

[wwwiesel]

thank you for your response.

Attached the Information:

My Host ist a Windows 10 PC which uses VMWare Workstation Pro
as VM I am using a Debian Linux:

frank@GoAD:~$ cat /etc/debian_version
12.8

Packages:

frank@GoAD:~$ dpkg -l (grepped for each package)
ii  vagrant                         2.4.3-1                         amd64        Vagrant is a tool for building and distributing development environments.
ii  virtualbox-7.1                  7.1.4-165100~Debian~bookworm    amd64        Oracle VirtualBox
ii  python3.11-venv                 3.11.2-6+deb12u4                amd64        Interactive high-level object-oriented language (pyvenv binary, version 3.11)

git:

frank@GoAD:~$ git clone https://github.com/Orange-Cyberdefense/GOAD.git
frank@GoAD:~$ git checkout -b v3-beta origin/v3-beta

Provisioning:
interactive
and tried also in an onliner:
./goad.sh -t install -l GOAD-Light -p virtualbox -m local
config:

GOAD-Light/virtualbox/local/192.168.56.X (350cc1-goad-light-virtualbox) > config
[+] Current Settings :
[*] Current Lab         : GOAD-Light
[*] Current Provider    : virtualbox
[*] Current Provisioner : local
[*] Current IP range    : 192.168.56.X
[*] Extension(s)        :

So i Am using Windows OS With VMWare to host a Linux machine which uses virtualbox to run GoAD .

I was able to reach all VMs via RDP and i was not able to nslookup north.sevenkindoms.local vom srv02 server.

[Mayfly277]

" was able to reach all VMs via RDP and i was not able to nslookup north.sevenkindoms.local vom srv02 server."

it is sevenkingdoms.local but i think the problem is not the typo in your phrase.

Can you go to srv02 and be sure the dns is on dc02 ?

it is always dns :D

[wwwiesel]

hi, i wanted to redo all the things and what i notices is that it everytime hangs on this task more than 8 hours over night:

TASK [child_domain : Install windows features - AD Domain Services] ****************************************************
changed: [dc02]
 [started TASK: child_domain : Install windows features - RSAT-ADDS on dc02]

TASK [child_domain : Install windows features - RSAT-ADDS] *************************************************************
ok: [dc02]
 [started TASK: child_domain : add child domain to parent domain on dc02]

if i cancel it and trigger install again the mentioned error occur:

TASK [member_server : Add member server] *******************************************************************************
fatal: [srv02]: FAILED! => {"changed": true, "msg": "failed to join domain: Computer 'castelblack' failed to join domain 'north.sevenkingdoms.local' from its current workgroup 'WORKGROUP' with following error message: The specified domain either does not exist or could not be contacted.", "reboot_required": false}

PLAY RECAP *************************************************************************************************************
dc01                       : ok=6    changed=0    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
dc02                       : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
srv02                      : ok=5    changed=1    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

[-] 3 fails abort.
[-] Something wrong during the provisioning task : ad-members.yml

GOAD-Light/virtualbox/local/192.168.56.X (65d87b-goad-light-virtualbox) >

there are the current settings directly on a fresh build goad-light

Microsoft Windows [Version 10.0.17763.1935]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\Users\vagrant>nslookup google.de
Server:  UnKnown
Address:  192.168.56.11

Non-authoritative answer:
Name:    google.de
Addresses:  2a00:1450:4001:80e::2003
          142.250.186.35


C:\Users\vagrant>

[Sztaklero]

I’m experiencing the exact same problem as you. It fails at the very same point, and neither reinstalling nor anything else seems to help.

[Mayfly277]

the tasks blocked here :

TASK [child_domain : Install windows features - RSAT-ADDS] *************************************************************
ok: [dc02]
 [started TASK: child_domain : add child domain to parent domain on dc02]

is due to DNS ! (yes it is always dns...)

problem is on some windows install (don't know why), even if i force server to use the dns "domain" adapter it still use the nat adapter to try to solve sevenkingdoms.local and the task never end.
Result is a DC02 not fully installed and next castelblack can't be add because the dc is not properlly installed !

Workaround solution is :

go to dc02 (.\vagrant:vagrant) and setup dc01 ip as dns for both network adapters. next relanch the install from the child_domain installation :

instance_id > provision_lab_from ad-child_domain.yml